| Vulnerability Name: | CVE-2006-6481 (CCN-30910) | ||||||||||||
| Assigned: | 2006-12-09 | ||||||||||||
| Published: | 2006-12-09 | ||||||||||||
| Updated: | 2011-03-08 | ||||||||||||
| Summary: | Clam AntiVirus (ClamAV) 0.88.6 allows remote attackers to cause a denial of service (stack overflow and application crash) by wrapping many layers of multipart/mixed content around a document, a different vulnerability than CVE-2006-5874 and CVE-2006-6406. | ||||||||||||
| CVSS v3 Severity: | 5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)
| ||||||||||||
| CVSS v2 Severity: | 5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P) 3.7 Low (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C)
| ||||||||||||
| Vulnerability Type: | CWE-Other | ||||||||||||
| Vulnerability Consequences: | Denial of Service | ||||||||||||
| References: | Source: MITRE Type: CNA CVE-2006-6481 Source: CCN Type: Apple Web site About Security Update 2008-002 Source: CONFIRM Type: UNKNOWN http://docs.info.apple.com/article.html?artnum=307562 Source: CONFIRM Type: UNKNOWN http://kolab.org/security/kolab-vendor-notice-14.txt Source: APPLE Type: UNKNOWN APPLE-SA-2008-03-18 Source: OSVDB Type: UNKNOWN 31283 Source: CCN Type: SA23347 Clam AntiVirus Multipart Nestings Denial of Service Source: SECUNIA Type: UNKNOWN 23347 Source: SECUNIA Type: UNKNOWN 23362 Source: SECUNIA Type: UNKNOWN 23379 Source: SECUNIA Type: UNKNOWN 23404 Source: SECUNIA Type: UNKNOWN 23411 Source: SECUNIA Type: UNKNOWN 23417 Source: CCN Type: SA23460 Kolab Server ClamAV Denial of Service Vulnerability Source: SECUNIA Type: UNKNOWN 23460 Source: CCN Type: SA29420 Mac OS X Security Update Fixes Multiple Vulnerabilities Source: SECUNIA Type: UNKNOWN 29420 Source: GENTOO Type: UNKNOWN GLSA-200612-18 Source: CCN Type: SourceForge.net: Files Clam AntiVirus - File Release Notes and Changelog - Release Name: 0.88.7 Source: DEBIAN Type: UNKNOWN DSA-1238 Source: DEBIAN Type: DSA-1238 clamav -- several vulnerabilities Source: CCN Type: GLSA-200612-18 ClamAV: Denial of Service Source: MANDRIVA Type: UNKNOWN MDKSA-2006:230 Source: SUSE Type: UNKNOWN SUSE-SA:2006:078 Source: CCN Type: OSVDB ID: 31283 Clam AntiVirus Layered Base64 MIME Encoding DoS Source: CCN Type: OSVDB ID: 31286 BitDefender Mail Protection Layered Base64 MIME Encoding DoS Source: CCN Type: OSVDB ID: 31289 Frisk F-PROT Antivirus Layered Base64 MIME Encoding DoS Source: CCN Type: OSVDB ID: 31291 Kaspersky Anti-Virus Layered Base64 MIME Encoding DoS Source: CCN Type: OSVDB ID: 31293 F-Secure Anti-Virus Layered Base64 MIME Encoding DoS Source: MISC Type: Vendor Advisory http://www.quantenblog.net/security/virus-scanner-bypass Source: BID Type: UNKNOWN 21609 Source: CCN Type: BID-21609 ClamAV Attachment Wrapping Denial Of Service Vulnerability Source: TRUSTIX Type: UNKNOWN 2006-0072 Source: VUPEN Type: UNKNOWN ADV-2006-4948 Source: VUPEN Type: UNKNOWN ADV-2006-5113 Source: VUPEN Type: UNKNOWN ADV-2008-0924 Source: XF Type: UNKNOWN clamav-multipart-content-dos(30910) Source: SUSE Type: SUSE-SA:2006:078 clamav security update | ||||||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||||||
| Oval Definitions | |||||||||||||
| |||||||||||||
| BACK | |||||||||||||